/* Copyright (c) 2009 Google Inc.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package openbang.account.service.util;

import java.io.IOException;
import java.util.logging.Logger;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * 监控 doGet , doPost 必须先登录
 * 如果没有登录，跳到错误页面（暂不实现：登录时重新提交原url）
 * 
 * @author aibo zeng
 *
 */

@SuppressWarnings("serial")
public abstract class SecurityServlet extends HttpServlet {
	private static final Logger log = Logger.getLogger(SecurityServlet.class.getName());

	public final void doGet(HttpServletRequest req, HttpServletResponse resp)
			throws IOException, ServletException {
		  if(!SessionHelper.getUserLoginInfo(req).isLogined()){
		      //取得 要调用的 action 类名 , 即 接口名 
			  log.warning("有黑客? 没有登录时访问 url="+req.getRequestURL().toString());
			  SessionHelper.forwardToErrorPage("执行该操作时无法找到用户信息","没有登录","请重新登录", req, resp); 
			  return;
		  }		
	}
	public final void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException, ServletException {
		doGet(req,resp);
	}
	
	public abstract void doBusiness() throws IOException, ServletException ;
}
